Help with Error 520 using nginx proxy

Hi i get an error 520 when I use nginx as a proxy for apache, when cloudflare is enabled

Here is a breakdown
Client → Cloudflare → apache (works)
Client → apache (works)
Client → nginx → apache (works)
Client → Cloudflare → nginx → apache (error 520)

The diagnostic-center tells me that all is good. Diagnostic Center | Check SSL and Test Website Security | Cloudflare

If we look at Troubleshooting Cloudflare 5XX errors – Cloudflare Help Center

  • Origin web server application crashes
  1. It do not crashes?
  2. Client → Cloudflare → apache (works)
  3. Client → apache (works)
  4. Client → nginx → apache (works)
  1. Client → Cloudflare → apache (works)
  • Headers exceeding 16 KB (typically due to too many cookies)
  1. Not sure how to see that information but I don’t think there is a 16KB header, how do I verify? And why should it change from the apache to the nginx proxy?
  • An empty response from the origin web server that lacks an HTTP status code or response body
  1. I present works fine if i look in chromes DevTools
  1. I present works fine if i look in chromes DevTools and it is a nginx server not some home make?

is the nginx config at fault when a proxy calls a proxy? i use this setup (proxy_pass information replaced, but still a domain like below) (remember Client → nginx → apache (works))

location / {   
       client_max_body_size 100m;
       proxy_set_header X-Forwarded-Host $host;
       proxy_set_header X-Forwarded-Server $host;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

       proxy_pass https://example.com/;
   }

This is helpful information. Would you happen to know if that Apache config was using HTTP/2?

The NGINX server probably does. Do you have enough access to disable HTTP/2 there?

Hi

I have full control of the servers.

Apache and NGINX both have HTTP/2 enabled, which server will you want me to disable HTTP/2 on? (both?)

Turning off HTTP/2 on the nginx server did not help still 520
Wait!

That’s what we were looking for: testing Cloudflare’s connection to your server. Since Apache was working, but NGINX wasn’t, now we know HTTP1 didn’t help here.

Tagging the @MVP group now.

I did not know that " NGINX can’t serve multiple protocol on 1 port. Make it different port . Example : HTTP/2 on port 443" safari - How to disable http2 in nginx - Stack Overflow

so disabled http2 on all sites on the proxy server, now it works

Why can NIGNX not use HTTP/2 and HTTP/1.1 on the same port??

1 Like

Hi @edb,

Due to the number of 520s being reported in similar circumstances, we are escalating the issue to Cloudflare Support. The original incident should have been resolved and your issue may well be unrelated.

We recommend checking these troubleshooting tips, if you haven’t already.

If you have been through these thoroughly and are not seeing corresponding issues on your network/server and you have a ticket number with Cloudflare, please reply and post that #.

To enable efficient troubleshooting by support, please ensure you include the following on the ticket:

  • example URL(s) where you are seeing the error
  • Ray IDs from the 520 pages
  • output from a traceroute from any impacted user
  • output of example.com/cdn-cgi/trace - replace example.com with the affected domain.
  • Also include two HAR file(s) : one detailing your request with Cloudflare enabled on your website and the other with Cloudflare temporarily disabled - see How do I temporarily deactivate Cloudflare ?
2 Likes

Hi it was do to HTTP/2 as the only supported protocol as NGINX can not serve HTTP/1.1 and HTTP/2 on the same port, case is closed.

But it would be nice if the “Error 520” “Guide” reflected that as a potential problem.

Unless you aren’t using HTTPS, but glad it’s sorted. HTTP/2 on non HTTPS connections isn’t supported in the vast majority of cases.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.